Network Security Wheel

The network security wheel is a methodology how the network security of an enterprise is maintained. We can think about the notion of ‘wheel’ here as a depiction that says that network security is a continuous process. In other words, in order to keep the wheel rolling, security engineers/specialists in an enterprise should always maintain four steps:

1. Secure

2. Monitor

3. Test

4. Improve

We can also see that the policy is at the centre of everything. It means that all these four steps are regulated and executed according to the policy. Because of this, the presence of a good security policy is critical.

– Secure

First step: we have to secure our networks. This is the step where we implement our security solutions in the enterprise. Firewalls, authentication, encryption are included in this step. Questions that can be asked in this step may include:

– What kind of firewalls do we want?

– Where should we put the firewall? Should we use layered firewalls?

– Where and when should we use authentication? Use password, fingerprint or something else?

– What type of encryption should we use? What kind of information that we should encrypt?

All those questions above, yes, can be answered with: “It depends”. This is completely right. It depends on your security policy!

– Monitor

This is the step where we monitor our security solutions implemented in the previous step. We should monitor if a security breach exists. We can think about IDS or IPS in this stage. This step can also be used to validate our security solutions. How are our solutions defending the enterprise’s network? Good, bad, need improvement?

– Test

This is the step where the security engineers/specialists try to break their own security solutions. We can think of this step as penetration tester’s kind of job. However sometimes we can always test the security from the business point-of-view. Do our security solutions hinder employee’s productivity significantly?

– Improve

We can think this step as the continuation of the previous step. Once we find a breach or something that hinders employee’s productivity, then we can improve it here. This may also be a good place to change our security policy.

One thought on “Network Security Wheel

  1. Hi there, just became aware of your blog through Google, and found that it’s truly informative. Im gonna watch out for brussels. I will appreciate if you continue this in future. Many people will be benefited from your writing. Cheers! kabfeccebaak

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s